Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
46396	2024-07-29 17:00	MonetarySummary.js 8af1b69d823c1b6cb3a9a3102e73bf3a VirusTotal Malware VBScript wscript.exe payload download Tofsee Dropper	1 Keyword trend analysis	2	2	10.0	M	15	ZeroCERT

46397	2024-07-29 17:00	tgmes.ps1 11d77b86c5517ba4327f712c6f5853a7 Generic Malware Antivirus VirusTotal Malware powershell WMI unpack itself Check virtual network interfaces WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis	2		4.4		19	ZeroCERT

46398	2024-07-29 17:00	respaldo.txt.exe 1568abb08de05c87e94ce4f639a05636 Browser Login Data Stealer Generic Malware Downloader Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check Malware download Remcos VirusTotal Malware Malicious Traffic Check memory Windows DNS DDNS keylogger	1 Keyword trend analysis	4	4	3.8		59	ZeroCERT

46399	2024-07-29 17:05	vc55.txt.vbs caca97ae9511fcda7e89e9e70cdb8dc4 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			5.2	M	7	ZeroCERT

46400	2024-07-29 17:06	vnm.txt.vbs 44c6625fcc0a287d7d618359268c9abf Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	2	3	8.6	M	12	ZeroCERT

46401	2024-07-29 17:06	vnm2.txt.vbs 8b2d2b9a6d36abcb2b1b8a60f9898374 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	2	3	9.2	M	12	ZeroCERT

46402	2024-07-29 17:15	hvnc.ps1 4bee61710cce2761e3a01e0d7cb7da34 Generic Malware Antivirus powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process Windows ComputerName Cryptographic key	1 Keyword trend analysis	2		7.2			ZeroCERT

46403	2024-07-29 17:16	payload.docm 840a3a122c7e418626500dd39ae492dc VBA_macro Doc XML Downloader Word 2007 file format(docx) ZIP Format VirusTotal Malware exploit crash unpack itself Exploit crashed	2 Keyword trend analysis			2.8		19	ZeroCERT

46404	2024-07-29 17:16	runner.exe d095b91d348e777c95b845c77246022f Generic Malware Malicious Library Malicious Packer UPX PE File PE64 VirusTotal Malware Remote Code Execution crashed				2.0		41	ZeroCERT

46405	2024-07-29 18:18	loveyou.exe 55e6cc81525f58cf81496b1f13f555b3 Malicious Library PE File PE64 Malware download Cobalt Strike Cobalt VirusTotal Malware RWX flags setting unpack itself ComputerName DNS	2 Keyword trend analysis	1	2	3.8		61	ZeroCERT

46406	2024-07-29 23:52	main.exe 2d2f169d73a4d73bc16fe22e43d0bd8c Generic Malware Malicious Library UPX PE File PE32 MZP Format OS Processor Check Check memory Checks debugger buffers extracted RWX flags setting unpack itself suspicious process WriteConsoleW Windows Cryptographic key				3.4			guest

46407	2024-07-30 07:47	svchost.exe 6ddd28445b8fc2485cb72f22d1adc936 Malicious Packer PE File PE32 MZP Format unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName				3.0			ZeroCERT

46408	2024-07-30 07:47	PPGcgnyW.exe 670d1014ec5713d005f8ddfefc495a9e AsyncRAT task schedule Downloader Malicious Packer .NET framework(MSIL) UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PE File AutoRuns Code Injection Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName				4.0			ZeroCERT

46409	2024-07-30 07:49	build.exe 94ecbd522a17fe53a48486a00f748e64 Lumma Stealer UPX PE File PE32							ZeroCERT

46410	2024-07-30 07:54	uIZtAux.exe 8d14c4ba7260c61ecde30d97fd3c124a RedLine stealer RedlineStealer Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	6 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 30 ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer/MetaStealer Family Activity (Response)	5.0	M		ZeroCERT